EionRobb / purple-hangouts


Compile the plugin by default with hardening flags

EionRobb opened this issue · comments

Original report by Avamander (Bitbucket: avamander, GitHub: avamander).


Due to the fact that purple-hangouts is a somewhat sensitive piece of software with a rather big attack surface, I think it's really worth compiling it by default with:

  • -fstack-protector-strong -Wstack-protector (-fstack-protector-all would work too, the performance impact is unnoticeable) - Protects against stack overflow

  • -fstack-clash-protection - Protects against stack clash attacks

  • -D_FORTIFY_SOURCE=2 - Protects against possible misuses of sensitive functions, http://man7.org/linux/man-pages/man7/feature_test_macros.7.html

  • -Wformat -Werror=format-security -Wformat-security - Helps avoid format errors

  • -Wl,-z,relro,-z,now - For full RELRO

I compiled it myself with these flags and it has worked perfectly so far.
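
A way to confirm that the flags listed in the report actually took effect in a built plugin, as an added example that is not part of the original report or the project's code. The function name `check_hardening`, the placeholder path and the two `readelf` samples are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Real use (path is a placeholder):
#   readelf -W -l -d --dyn-syms path/to/plugin.so | check_hardening

check_hardening() {
    out=$(cat)
    has() { printf '%s\n' "$out" | grep -Eq "$1"; }

    # -Wl,-z,relro adds a GNU_RELRO segment; -z,now adds BIND_NOW / FLAGS_1 NOW.
    if ! has 'GNU_RELRO'; then relro=none
    elif has 'BIND_NOW|\(FLAGS_1\).*NOW'; then relro=full
    else relro=partial
    fi

    # -fstack-protector-* makes protected functions call __stack_chk_fail.
    if has '__stack_chk_fail'; then canary=yes; else canary=no; fi

    # -D_FORTIFY_SOURCE=2 (needs optimisation enabled) swaps calls such as
    # snprintf for __snprintf_chk. The pattern skips __stack_chk_fail.
    if has '__[a-z0-9_]*_chk(@|[[:space:]]|$)'; then fortify=yes; else fortify=no; fi

    # -fstack-clash-protection leaves no dynamic symbol, so it is not checked.
    echo "relro=$relro stack_protector=$canary fortify=$fortify"
}

# Constructed readelf excerpt: built with all flags from the report.
sample_hardened() { cat <<'EOF'
  GNU_RELRO      0x002d80 0x0000000000003d80 0x0000000000003d80 0x000280 0x000280 R   0x1
 0x000000000000001e (FLAGS)              BIND_NOW
 0x000000006ffffffb (FLAGS_1)            Flags: NOW
     5: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND __stack_chk_fail@GLIBC_2.4 (3)
     9: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND __snprintf_chk@GLIBC_2.3.4 (4)
EOF
}

# Constructed readelf excerpt: RELRO only, lazy binding, no canary or fortify.
sample_partial() { cat <<'EOF'
  GNU_RELRO      0x002e10 0x0000000000003e10 0x0000000000003e10 0x0001f0 0x0001f0 R   0x1
     5: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND memcpy@GLIBC_2.14 (2)
     9: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND snprintf@GLIBC_2.2.5 (3)
EOF
}

sample_hardened | check_hardening
```

A `no` for the stack protector or fortify only means no matching symbol was imported; inspect the build log before concluding the flag was dropped.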